Prerequisites
Candidates must also have a basic knowledge of auditing to ensure that they fully understand the content of the course and gain required skills.
Audience
Anyone who plans, implements, maintains, supervises or assesses information security controls, as part of an information security management system, as either a customer or provider of cloud services.
ISO 27017 Information Security Controls for Cloud Services Course Overview
The ISO/IEC 27017:2015 standard is designed to use cloud information security controls as a reference when implementing a cloud computing information security management system for organisations based on ISO/IEC 27002:2013. ISO/IEC 27017 can be considered as a code of practice, which gives guidance on such controls and assists the delegates to concentrates on the more particular risks related to cloud services as a customer.
This 2-day ISO 27017 certification aims to build on the knowledge specific to the cloud. This course helps the delegates to clearly identify who is responsible to manage the different security risks and ensure the appropriate cloud security controls are in place so you can maintain a resilient ISMS.
This training covers below important concepts:
- Concepts specific to the cloud
- Typical information security risks in cloud services
- ISO/IEC 27017:2015 introduction, scope and structure
- Applicable terms and definitions
- The benefits of implementing ISO/IEC 27017:2015
- A typical ISO/IEC 27017:2015 implementation framework
At the end of this training course, delegates will be able to lead a team of auditors in planning and reporting audits, as well as Identify key benefits associated with using ISO/IEC 27017 for cloud services, alongside an effective ISMS. They will also ensure that management system considers appropriate cloud-related controls that enable improved organisational security as technology evolves. This course will also make them efficient to provide products and services that consistently meet customer needs and increases their confidence.